function ViewCommunityProfile($sid, $name) { $objResponse = new xajaxResponse(); global $userbank, $username; if (!$userbank->is_admin()) { $objResponse->redirect("index.php?p=login&m=no_access", 0); $log = new CSystemLog("w", "Hacking Attempt", $username . " tried to view profile of '" . htmlspecialchars($name) . "', but doesnt have access."); return $objResponse; } $sid = (int) $sid; require INCLUDES_PATH . '/CServerRcon.php'; //get the server data $data = $GLOBALS['db']->GetRow("SELECT ip, port, rcon FROM " . DB_PREFIX . "_servers WHERE sid = '" . $sid . "';"); if (empty($data['rcon'])) { $objResponse->addScript("ShowBox('Error', 'Can\\'t get playerinfo for " . addslashes(htmlspecialchars($name)) . ". No RCON password!', 'red', '', true);"); return $objResponse; } $r = new CServerRcon($data['ip'], $data['port'], $data['rcon']); if (!$r->Auth()) { $GLOBALS['db']->Execute("UPDATE " . DB_PREFIX . "_servers SET rcon = '' WHERE sid = '" . $sid . "';"); $objResponse->addScript("ShowBox('Error', 'Can\\'t get playerinfo for " . addslashes(htmlspecialchars($name)) . ". Wrong RCON password!', 'red', '', true);"); return $objResponse; } // search for the playername $ret = $r->rconCommand("status"); $search = preg_match_all(STATUS_PARSE, $ret, $matches, PREG_PATTERN_ORDER); $i = 0; $found = false; $index = -1; foreach ($matches[2] as $match) { if ($match == $name) { $found = true; $index = $i; break; } $i++; } if ($found) { $steam = $matches[3][$index]; // Hack to support steam3 [U:1:X] representation. if (strpos($steam, "[U:") === 0) { $steam = renderSteam2(getAccountId($steam), 0); } $objResponse->addScript("\$('dialog-control').setStyle('display', 'block');\$('dialog-content-text').innerHTML = 'Generating Community Profile link for " . addslashes(htmlspecialchars($name)) . ", please wait...<br /><font color=\"green\">Done.</font><br /><br /><b>Watch the profile <a href=\"http://www.steamcommunity.com/profiles/" . SteamIDToFriendID($steam) . "/\" title=\"" . addslashes(htmlspecialchars($name)) . "\\'s Profile\" target=\"_blank\">here</a>.</b>';"); $objResponse->addScript("window.open('http://www.steamcommunity.com/profiles/" . SteamIDToFriendID($steam) . "/', 'Community_" . $steam . "');"); } else { $objResponse->addScript("ShowBox('Error', 'Can\\'t get playerinfo for " . addslashes(htmlspecialchars($name)) . ". Player not on the server anymore!', 'red', '', true);"); } return $objResponse; }
$bancnt = 0; foreach ($bannedcfg as $ban) { $line = explode(" ", trim($ban)); if ($line[1] == "0") { if (validate_ip($line[2])) { $check = $GLOBALS['db']->Execute("SELECT ip FROM `" . DB_PREFIX . "_bans` WHERE ip = ? AND RemoveType IS NULL", array($line[2])); if ($check->RecordCount() == 0) { $bancnt++; $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_bans(created,authid,ip,name,ends,length,reason,aid,adminIp,type) VALUES\r\n\t\t\t\t\t\t\t\t\t\t(UNIX_TIMESTAMP(),?,?,?,(UNIX_TIMESTAMP() + ?),?,?,?,?,?)"); $GLOBALS['db']->Execute($pre, array("", $line[2], "Imported Ban", 0, 0, "banned_ip.cfg import", $_COOKIE['aid'], $_SERVER['REMOTE_ADDR'], 1)); } } else { // if its an banned_user.cfg if (!validate_steam($line[2])) { if (($accountId = getAccountId($line[2])) !== -1) { $steam = renderSteam2($accountId, 0); } else { continue; } } else { $steam = $line[2]; } $check = $GLOBALS['db']->Execute("SELECT authid FROM `" . DB_PREFIX . "_bans` WHERE authid = ? AND RemoveType IS NULL", array($steam)); if ($check->RecordCount() == 0) { if (!isset($_POST['friendsname']) || $_POST['friendsname'] != "on" || ($pname = GetCommunityName($steam)) == "") { $pname = "Imported Ban"; } $bancnt++; $pre = $GLOBALS['db']->Prepare("INSERT INTO " . DB_PREFIX . "_bans(created,authid,ip,name,ends,length,reason,aid,adminIp,type) VALUES\r\n\t\t\t\t\t\t\t\t\t\t(UNIX_TIMESTAMP(),?,?,?,(UNIX_TIMESTAMP() + ?),?,?,?,?,?)"); $GLOBALS['db']->Execute($pre, array($steam, "", $pname, 0, 0, "banned_user.cfg import", $_COOKIE['aid'], $_SERVER['REMOTE_ADDR'], 0)); }